New: Offline-first licensing with cryptographic validation. Learn more

Offline Activation

Licenz supports complete offline license activation for air-gapped networks, classified environments, and systems without internet connectivity.

How It Works

The sneakernet activation workflow uses a request/response file exchange:

  1. Generate Request - Create a .req file on the offline machine
  2. Transfer - Move the file to an online system (USB, secure file transfer)
  3. Process - Upload to Licenz dashboard or API to generate response
  4. Transfer Back - Move the .resp file to the offline machine
  5. Install - Install the license from the response file
Air-Gapped
Machine
.req
Licenz
Server
.resp
Air-Gapped
Machine

Step 1: Generate Request File

On the air-gapped machine, generate an activation request:

# Generate activation request
licenz sneakernet request --product PRODUCT_ID

# Output: activation_request_2024-01-15_abc123.req

The .req file contains:

  • Hardware fingerprint (CPU, disk, MAC addresses)
  • Product identifier
  • Request timestamp
  • Cryptographic signature

Step 2: Transfer and Process

Transfer the .req file to an internet-connected system. Then either:

Option A: Dashboard Upload

  1. Go to Licenses → Sneakernet Requests
  2. Click Upload Request
  3. Select the .req file
  4. Choose license type and options
  5. Click Generate Response
  6. Download the .resp file

Option B: CLI/API

# Using the CLI on an online machine
licenz sneakernet process activation_request.req --output license_response.resp

# Or using the API
curl -X POST https://api.licenz.io/v1/sneakernet/process \
  -H "Authorization: Bearer $API_KEY" \
  -F "request=@activation_request.req" \
  -o license_response.resp

Step 3: Install License

Transfer the .resp file back to the air-gapped machine and install:

# Install the license from response file
licenz sneakernet install license_response.resp

# Verify installation
licenz license status

Programmatic Integration

You can integrate sneakernet activation directly into your application:

use licenz::sneakernet::{ActivationRequest, ActivationResponse};

// Generate request
let request = ActivationRequest::new("product-id")?;
request.save_to_file("activation.req")?;

// Later, after getting the response file...
let response = ActivationResponse::from_file("license.resp")?;
let license = response.install()?;

println!("License installed: {}", license.key());

Security Considerations

  • Request signing - Requests are signed to prevent tampering
  • Hardware binding - Response is bound to the specific machine fingerprint
  • Time validation - Requests expire after 7 days by default
  • One-time use - Each request can only be processed once

Important for classified environments

The .req file contains hardware identifiers. Review your organization's data classification policies before transferring between security domains.

Next Steps